snippet rc "Replication Controller" !b
# WARNING, use Deployments -- ReplicationController is being replaced.
apiVersion: v1
kind: ReplicationController
metadata:
	name: ${1:some-controller}
	namespace: ${2:default}
spec:
	replicas: 1
	template:
		metadata:
			labels:
				app: $1
				tier: $3
		spec:
			containers:
			- name: ${4:name}
				image: ${5:nginx}
				imagePullPolicy: Always
				resources:
					requests:
						cpu: 100m
						memory: 200Mi
				ports:
				- containerPort: 8080
endsnippet

snippet dep "Deployment" !bm
apiVersion: apps/v1
kind: Deployment
metadata:
	name: ${1:some-controller}
	namespace: ${2:default}
spec:
	replicas: 1
	selector:
		matchLabels:
			$3
	template:
		metadata:
			labels:
				${3:app: $1}
		spec:
			containers:
			- name: ${4:name}
				image: ${5:nginx}
				imagePullPolicy: Always
				resources:
					requests:
						cpu: 100m
						memory: 200Mi
				ports:
				- containerPort: 8080
endsnippet

snippet svc "Service" !b
apiVersion: v1
kind: Service
metadata:
	name: ${1:frontend}
	namespace: ${2:default}
	labels:
		app: ${3:someApp}
		tier: ${4:frontend}
spec:
	ports:
	- port: ${5:80}
	selector:
		app: $3
		tier: $4
endsnippet

snippet depsvc "Deployment and service" !b
apiVersion: apps/v1
kind: Deployment
metadata:
	name: ${1:some-controller}
	namespace: ${2:default}
spec:
	replicas: 1
	selector:
		matchLabels:
			$3
	template:
		metadata:
			labels:
				${3:app: $1}
		spec:
			containers:
			- name: ${4:name}
				image: ${5:nginx}
				imagePullPolicy: Always
				resources:
					requests:
						cpu: 100m
						memory: 200Mi
				ports:
				- containerPort: ${6:8080}
---
apiVersion: v1
kind: Service
metadata:
	name: $1
	namespace: $2
spec:
	ports:
	- port: ${7:80}
		targetPort: $6
	selector:
		$3
endsnippet

snippet depsvcing "Deployment, service, and ingress" !b
apiVersion: apps/v1
kind: Deployment
metadata:
	name: ${1:some-controller}
	namespace: ${2:default}
spec:
	replicas: 1
	selector:
		matchLabels:
			$3
	template:
		metadata:
			labels:
				${3:app: $1}
		spec:
			containers:
			- name: ${4:name}
				image: ${5:nginx}
				imagePullPolicy: Always
				resources:
					requests:
						cpu: 100m
						memory: 200Mi
				ports:
				- containerPort: ${6:8080}
---
apiVersion: v1
kind: Service
metadata:
	name: $1
	namespace: $2
spec:
	ports:
	- port: ${7:80}
		targetPort: $6
	selector:
		$3
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
	name: $1
	namespace: $2
spec:
	${10:tls:
	- secretName: ${9:$8.tls}
		hosts:
		- $8
	}rules:
	- host: ${8:host}
		http:
			paths:
			- path: ${11:/}
				backend:
					serviceName: $1
					servicePort: $7
endsnippet

snippet pv "PersistentVolume" !b
apiVersion: v1
kind: PersistentVolume
metadata:
	name: ${1:name}
	labels:
		app: ${2:app}
		tier: ${3:tier}
spec:
	capacity:
		storage: ${4:20Gi}
	accessModes:
		- ${5:ReadWriteMany}
	nfs:
		server: ${6:NameOrIP}
		path: ${7:"/share/path/on/server"}
endsnippet

snippet pvc "PersistentVolumeClaim" !b
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
	name: ${1:name}
	labels:
		# insert any desired labels to identify your claim
		app: ${2:app}
		tier: ${3:tier}
spec:
	${4:storageClassName: ${5:standard}}
	accessModes:
		- ${6:ReadWriteOnce}
	resources:
		requests:
			# The amount of the volume's storage to request
			storage: ${7:20Gi}
endsnippet

snippet ing "Ingress" !b
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
	name: ${1:name}
	namespace: ${2:default}
spec:
	${5:tls:
	- secretName: ${4:$3.tls}
		hosts:
		- $3
	}rules:
	- host: ${3:host.tld}
		http:
			paths:
			- path: ${7:/}
				backend:
					serviceName: ${8:service}
					servicePort: ${9:portNumberOrName}
endsnippet

snippet ns "Namespace" !b
apiVersion: v1
kind: Namespace
metadata:
	name: ${1:name}
endsnippet

snippet sa "ServiceAccount" !b
apiVersion: v1
kind: ServiceAccount
metadata:
	name: ${1:name}
endsnippet

snippet ingtls "Ingress TLS section" !b
tls:
- secretName: ${2:$1.tls}
	hosts:
	- ${1:host}
endsnippet

snippet cfg "ConfigMap" !b
apiVersion: v1
kind: ConfigMap
metadata:
	name: ${1:name}
data:
	${2:key}: ${3:value}
endsnippet

snippet sec "Secret" !b
apiVersion: v1
kind: Secret
metadata:
  name: ${1:secret-name}
type: ${2:Opaque}
data:
  ${3:key}: ${4:value}
endsnippet

snippet env "Environment template" !b
- name: ${1:VAR_NAME}
  value: ${2:value}
endsnippet

snippet secref "env SecretRef" !b
valueFrom:
	secretKeyRef:
		name: ${1:secret-name}
		key: ${2:key-name}
endsnippet

snippet pvol "Pod Volume Object"
- name: ${1:name}
	${2:source}:
		name: 
endsnippet

snippet job "Kubernetes Job" !b
apiVersion: batch/v1
kind: Job
metadata:
	name: ${1:jobname}
	labels:
		${2:sometag: somevalue}
spec:
	template:
		metadata:
			name: $1
		spec:
			containers:
			- name: ${3:containerName}
				image: ${4: image}
				imagePullPolicy: Always
				command: 
				- ${5:"override"
				- "--the"
				- "entrypoint"}
			restartPolicy: OnFailure
endsnippet

snippet cron "Kubernetes Cronjob" !b
apiVersion: batch/v2alpha1
kind: CronJob
metadata:
	name: ${1:name}
spec:
	schedule: "${2:*/1} * * * *"
	jobTemplate:
		spec:
			template:
				spec:
					containers:
					- name: $1
						image: ${3: image}
						args: ${4:
						- /bin/sh
						- -c
						- date; echo Hello from the Kubernetes cluster}
					restartPolicy: OnFailure
endsnippet

snippet skr "SecretKeyRef" 
valueFrom:
	secretKeyRef:
		name: ${1:secret}
		key: ${2:key}
endsnippet

snippet cert "cert-manager certificate" !b
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
	name: ${1:name}
	namespace: ${2:namespace}
spec:
	secretName: ${4:$3.tls}
	dnsNames:
	- ${3:some.domain.com}
	acme:
		config:
		- dns01:
				provider: ${4:prod}
			domains: [ $3 ]
	issuerRef:
		name: ${5:letsencrypt}
		kind: ClusterIssuer
endsnippet


snippet netp "NetworkPolicy" !b
kind: NetworkPolicy
apiVersion: extensions/v1beta1
metadata:
	namespace: ${1:default}
	name: ${2:policyname}
	spec:
	${4:podSelector:
			matchLabels:
				${3:{}}
}	ingress:
			- {}
endsnippet

snippet probe "Liveness/Readiness Probes" !b
livenessProbe: &probe
	initialDelaySeconds: ${1:10}
	httpGet:
		port: ${2:8080}
		path: ${3:/}
readinessProbe: *probe $0
endsnippet

snippet ss "StatefulSet" !b
apiVersion: v1
kind: Service
metadata:
	name: ${1:myservice}
spec:
	ports:
	- port: $5
		name: $6
	clusterIP: None
	selector:
		$2
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
	name: ${1:mystatefulset}
spec:
	selector:
		matchLabels:
			$2
	serviceName: "nginx"
	replicas: 3 # by default is 1
	template:
		metadata:
			labels:
				${2:app: $1}
		spec:
			# terminationGracePeriodSeconds: 10
			containers:
			- name: ${3:$1}
				image: ${4:$1}
				ports:
				- containerPort: ${5:80}
					name: ${6:web}
				volumeMounts:
				- name: ${7:volume}
					mountPath: ${8:/var/lib/mydata}
	volumeClaimTemplates:
	- metadata:
			name: $7
		spec:
			accessModes: [ "ReadWriteOnce" ]
			storageClassName: "${9:standard}"
			resources:
				requests:
					storage: ${10:1G}
endsnippet

snippet res "Resources" !b
resources:
	requests:
		cpu: ${1:100m}
		memory: ${2:200Mi}
	${5:limits:
		cpu: ${3:$1}
		memory: ${4:$2}}$0
endsnippet

snippet init "Init Container" !b
initContainers:
- name: ${1:myinit}
	image: ${2:busybox}
	command: [${3:rm, -rf,  $5/lost+found}]
	${6:volumeMounts:
	- name: ${4:data}
		mountPath: ${5:/data}}$0
endsnippet

snippet strat "Deployment Strategy" !b
strategy:
	type: ${1:RollingUpdate|Recreate}
	rollingUpdate:
		maxSurge: ${2:1}
		maxUnavailable: ${3:1}$0
endsnippet

snippet atls "tls-acme annotations" !b
annotations:
	kubernetes.io/tls-acme: "true"
endsnippet

snippet vtls "tls-vault annotations" !b
annotations:
	kubernetes.io/tls-vault: "true"
endsnippet

snippet cmtls "cert-manager tls annotations" !b
${2:annotations:
	}certmanager.k8s.io/cluster-issuer: ${1:lets-encrypt}
endsnippet

snippet edns "external dns" !b
annotations:
	external-dns.alpha.kubernetes.io/hostname: ${1:myname.mydomain.com}
endsnippet

snippet role "Role" !b
kind: ${1:Cluster}Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
	${2:namespace: ${3:default}
	}name: ${4:configmap-updater}
rules:
- apiGroups: ["${5:}"]
	resources: ["${6:configmaps}"]
	resourceNames: ["${7:my-configmap}"]
	verbs: [${8:"update", "get"}]
endsnippet

snippet rb "RoleBinding" !b
# This role binding allows "jane" to read pods in the "default" namespace.
kind: ${1:Cluster}RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
	name: ${2:read-pods}
	${3:namespace: ${4:pods}
}subjects:
- kind: ${5:User|ServiceAccount|Group}
	name: ${6:jane} # Name is case sensitive
	apiGroup: rbac.authorization.k8s.io
roleRef:
	kind: ${7:Cluster}Role #this must be Role or ClusterRole
	name: ${8:pod-reader} # this must match the name of the Role or ClusterRole you wish to bind to
	apiGroup: rbac.authorization.k8s.io
endsnippet

snippet rbac "Role and Binding" !b
kind: ${1:Cluster}Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
	${2:namespace: ${3:default}
	}name: ${4:configmap-updater}
rules:
- apiGroups: ["${5:}"]
	resources: ["${6:configmaps}"]
	resourceNames: ["${7:my-configmap}"]
	verbs: [${8:"update", "get"}]
---
# This role binding allows "jane" to read pods in the "default" namespace.
kind: ${9:Cluster}RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
	name: $4
	$2
subjects:
- kind: ${10:User|ServiceAccount|Group}
	name: ${11:jane} # Name is case sensitive
	apiGroup: rbac.authorization.k8s.io
roleRef:
	kind: $1Role #this must be Role or ClusterRole
	name: $4 # this must match the name of the Role or ClusterRole you wish to bind to
	apiGroup: rbac.authorization.k8s.io
endsnippet

snippet hpa "HorizontalPodAutoscaler" !b
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
	name: ${5:$1}
spec:
	scaleTargetRef:
		apiVersion: apps/v1
		kind: Deployment
		name: ${1:mydeployment}
	minReplicas: ${2:1}
	maxReplicas: ${3:5}
	targetCPUUtilizationPercentage: ${4:70}
endsnippet

snippet pvolm "Volume Mount and spec" !b
	volumeMounts:
	- name: ${1:volume}
		mountPath: ${2:/etc/mount/path}
		${3:subPath: ${4: key}}
volumes: 
- name: $1
	${5:configMap}:
		${6:name}: ${7:someName}
endsnippet

snippet volm "Volume Mount" !b
- name: ${1:volume}
	mountPath: ${2:/etc/mount/path}
	${3:subPath: ${4: key}}
$0
endsnippet

snippet prom "Prometheus annotations" !b
annotations:
	prometheus.io/scrape: "true"
	prometheus.io/endpoint: "${1:/metrics}"
	prometheus.io/port: "${2:8080}"
endsnippet

snippet aff "Affinitiy/Anti-Affinity" !b
pod${1:Anti}Affinity:
	${2:preferred|required}DuringSchedulingIgnoredDuringExecution:
	- weight: 100
		podAffinityTerm:
			labelSelector:
				matchExpressions:
				- key: ${3:app}
					operator: In
					values:
					- ${4:appname}
			topologyKey: ${5:kubernetes.io/hostname}
endsnippet 

snippet hpa "Horizontal Pod Autoscaler" !b
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
  name: ${1:hpa-name}
  namespace: ${2:default}
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: ${3:deployment-name}
  minReplicas: 1
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      targetAverageUtilization: 10
  - type: Resource
    resource:
    name: memory
      targetAverageValue: 1000Mi
endsnippet
